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1. (currently amended) A method for providing access to users based on 
user profiles and using a web-based system that includes a server system coupled to a 
centralized interactive database and at least one client system, said method comprising the 
steps of: 

creating an electronic profile for a user within a centralized database; 

creating an electronic profile for data within the centralized database; 

establishing pre-determined rules and methodology for user access; 

making a decision with reference to the user access after completing an 
evaluation based on the electronic profiles, pre-determined rules, and operating methodology 
in response to a request from the user for access; 

if the user is denied access, prompting the user to complete a request for quick 
approval wherein the request for quick approval includes a list of data for approval; 

automatically detennini Ti^ using i o subjected to an internal exception access 
process an approval or a disapproval o f quick acces s, and quick, appro vol io approved based 
on pre-established criteria and the list of data fo r approval: 

if the request for quick approval is approved, at least one of automatically 
flHHin p a rule to the database and automatically adding a user t o the database: 

if the rule is added updating an exception list: and 

notifying the user of the approval . 

retrieving from th e centraliz e d databaao, an oxooption - aooooa rule including 
pro ootabKohod criteria* 

applying tho exception acc e ss rulo to tho compl e t e d r e quoot for quiok 

a p proval; and 

automatically approving aooooo baood on tho exception aoooaa rul e. 
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2. (previously presented) A method according to Claim 1 wherein said 
step of creating an electronic profile for a user further comprises the step of creating an 
electronic profile based on information available from at least one an Oracle Human 
Resource Application and a Request for Computer Access Application. 

3. (original) A method according to Claim 1 wherein said step of 
creating an electronic profile for data further comprises the step of creating data profiles 
based on at least one of Data Elements, Data Tags, Rules of Access, an Approver's Name for 
Each Rule of Access, Rules of Exclusion, an Exception List, and Field Tags. 

4. (original) A method according to Claim 3 wherein said step of 
establishing pre-determined rales and methodology for user access further comprises the 
steps of: 

establishing pre-determined rules in the centralized database based on at least 
one of Rule Based Access guidelines, Group Based Access guidelines, Search & Subscribe 
Utilities guidelines, Active Positioning Monitoring guidelines, Hard Exclusion Rules 
guidelines, and Access Audits guidelines; and 

establishing methodology to ensure timely and accurate decision making 
based on criteria established by the management 

5. (currently amended) A method for managing user profile information, 
including managing access control to applications and data by implementing a level of 
security across the different applications that is the same for each application, using a web- 
based system that includes a server system coupled to a centralized interactive database and 
at least one client system, said method comprising the steps of: 

providing capabilities for a user to request access to information that the user 
currently does not have access to; 

tracking a status of the request using a tracking component coupled to the 
centralized interactive database; 

obtaining a decision from an owner of the data requested; 

-3- 
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if tho decision io aooopG approval, adding at loaat ono of a rul e and tho uoor to 

tho database; 

notifying th e uoor of tho dcoioion; 

if the user is denied access, prompting the user to complete a request for quick 
approval wherein the request for quick approval includes a list of the information the user is 
requesting access to for approval: 

automatically determining, using an internal exception access process an 
approval or a disap proval of the quick access request based on pre-established criteria and the 
list of information the user is requesting access to: 

if the reque st for quick approval is approved, at least one of automatically 
adding a rule to the database and automatically adding a user to the database: 

if the rule is added, updating an exception list: and 

notifying the user of the approval. 

r e trieving from tho centralized datoboao, an exception aooeoo rule including 
pre e stablished criteria; 

applying tho exception aooooo rul e to the completed roquoot for quiok 

approval; and 

automatically approving aooooo based on the e xception qooogq rule. 

6. (original) A method according to Claim 5 wherein said step of 
obtaining a decision further comprises the step of obtaining at least one of an approval 
decision and a disapproval decision. 

7. (original) A method according to Claim 5 wherein said step of 
implementing the decision further includes the steps of reviewing and auditing the user 
access. 

8. (original) A method according to Claim 5 wherein said step of 
implementing the decision further includes the step of creating a consistent security model 
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that includes centralized administration of security of the system and uses single user profile 
and privilege for accessing different applications. 

9. (original) A method according to Claim 5 wherein said method further 
comprises the steps of: 

creating user profiles; 

providing access control to data associated with user profiles; 

defining permissions based on a user identifier associated with user profiles; 

and 

developing a specification for user interfaces. 

10. (original) A method according to Claim 5 further comprising the step 
of providing administration of a common security model for access control and event 
notification. 

11. (original) A method according to Claim 5 further comprising the step 
of updating profiles automatically on at least one of a pre-determined timed interval and a 
change in organization hierarchy. 

12. (original) A method according to Claim 5 further comprises the step of 
updating profiles automatically when a user transfers departments. 

13. (original) A method according to Claim 5 further comprising the step 
of generating access list reports that identify accessible and non-accessible data and 
restrictions for access. 

14. (original) A method according to Claim 5 further comprising the step 
of retrieving information from the centralized database in response to a specific inquiry from 
an administrator. 

15. (original) A method according to Claim 5 wherein the client system 
and the server system are connected via a network and wherein the network is one of a wide 
area network, a local area network, an intranet and the Internet. 
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16. (currently amended) A computer-implemented database embodied on 
a computer-readable medium configured to be protected from access by unauthorized 
individuals by managing user and data profiles by an administrator, said database providing 
access to users based on pre-determined rules and criteria further comprising: 

pre-established criteria data developed from access rules and criteria including 
at least one of Rule Based Access guidelines, Group Based Access guidelines, Search & 
Subscribe Utilities guidelines, Active Positioning Monitoring guidelines, Hard Exclusion 
Rules guidelines, and Access Audits guidelines; 

applications data including system administrator defined attributes that cross- 
references the applications profile data against unique identifiers; ~~ " 

user data that includes a user's organization and citizenship, that cross- 
references the users profile data against unique identifiers; and 

pre-determined rules and methodologies data that facilitates accurate user 
access-decision making. 

17. (canceled) 

18. (canceled) 

19. (canceled) 

20. (canceled) 
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